PT-2021-16585 · Samsung · Samsung Mobile Devices

Jd.Com

Published

2021-06-11

Updated

2025-10-30

CVE-2021-25394

CVSS v3.1

6.4

Medium

Vector

AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices versions prior to SMR MAY-2021 Release 1

Description: A use after free vulnerability via race condition in the MFC charger driver allows arbitrary write given that a radio privilege is compromised. This issue is related to a race condition, which is a type of synchronization issue where the behavior of a program depends on the relative timing of threads or processes.

Recommendations: For versions prior to SMR MAY-2021 Release 1, update to SMR MAY-2021 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the MFC charger driver to minimize the risk of exploitation.

Fix

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

CVE-2021-25394

Affected Products

Samsung Mobile Devices

PT-2021-16585 · Samsung · Samsung Mobile Devices

CVE-2021-25394

Weakness Enumeration

Related Identifiers

Affected Products

References · 7